Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0357

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-0357
Last Modified 10 May 2014 12:02:08
Published 15 Apr 2014 06:55:12
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-0357

Summary

Amtelco miSecureMessages allows remote attackers to read the messages of arbitrary users via an XML request containing a valid license key and a modified contactID value, as demonstrated by a request from the iOS or Android application.

Vulnerable Systems

Application

  • Amtelco Misecuremessages -


References

CERT-VN - VU#251628

MISC - http://ics-cert.us-cert.gov/advisories/ICSA-14-121-01

MISC - https://service.amtelco.com/INFINITY/MSM/MSM6.2SecurityBriefing.pdf


Last Updated: 27 May 2016 11:05:14